Chapter 15. Automating Configuration Tasks using Ansible
Ansible is an automation tool used to configure systems, deploy software, and perform rolling updates. Ansible includes support for Red Hat Virtualization, and Ansible modules are available to allow you to automate post-installation tasks such as data center setup and configuration, managing users, or virtual machine operations.
Ansible provides an easier method of automating Red Hat Virtualization configuration compared to REST APIs and SDKs, and allows you to integrate with other Ansible modules. For more information about the Ansible modules available for Red Hat Virtualization, see the Ovirt modules in the Ansible documentation.
Note
Ansible Tower is a graphically enabled framework accessible through a web interface and REST APIs for Ansible. If you want support for Ansible Tower, then you must have an Ansible Tower license, which is not part of the Red Hat Virtualization subscription.
Ansible is shipped with Red Hat Virtualization. To install Ansible ensure that you have enabled the required repositories. See Subscribing to the Required Entitlements in the Installation Guide, and run the following command:
# yum install ansible
See the Ansible Documentation for alternate installation instructions, and information about using Ansible.
15.1. Ansible Roles
Multiple Ansible roles are available to help configure and manage various parts of the Red Hat Virtualization infrastructure. Ansible roles provide a method of modularizing Ansible code by breaking up large playbooks into smaller, reusable files that can be shared with other users.
The Ansible roles available for Red Hat Virtualization are categorized by the various infrustructure components. For more information about the Ansible roles, see the oVirt Ansible Roles documentation, or the documentation installed with Ansible roles, see Section 15.1.1, “Installing Ansible Roles”.
15.1.1. Installing Ansible Roles
You can install Ansible roles for Red Hat Virtualization from the
rhel-7-server-rhv-4.1-rpms
repository. See Subscribing to the Required Entitlements in the Installation Guide for more information.
Use the following command to install the Ansible roles:
# yum install ovirt-ansible-roles
By default the roles are installed to
/usr/share/ansible/roles
. The structure of the ovirt-ansible-roles package is as follows:
/usr/share/ansible/roles
- stores the roles./usr/share/doc/ovirt-ansible-roles/
- stores the examples, a basic overview, and the licence./usr/share/doc/ansible/roles/role_name
- stores the documentation specific to the role.
15.1.2. Using Ansible Roles to Configure Red Hat Virtualization
The following procedure guides you through creating and running a playbook that uses Ansible roles to configure Red Hat Virtualization. This example uses Ansible to connect to the Manager on the local machine and create a new data center.
Prerequisites
- Ensure the
roles_path
option in/etc/ansible/ansible.cfg
points to the location of your Ansible roles (/usr/share/ansible/roles
). - Ensure that you have the Python SDK installed on the machine running the playbook.
Procedure 15.1. Configuring Red Hat Virtualization using Ansible Roles
- Create a file in your working directory to store the Red Hat Virtualization Manager user password:
# cat passwords.yml --- engine_password: youruserpassword
- Encrypt the user password. You will be asked for a vault password.
# ansible-vault encrypt passwords.yml New Vault password: Confirm New Vault password:
- Create a file that stores the Manager details such as the url, certificate location, and user.
# cat engine_vars.yml --- engine_url: https://example.engine.redhat.com/ovirt-engine/api engine_user: admin@internal engine_cafile: /etc/pki/ovirt-engine/ca.pem
Note
If you prefer, these variables can be added directly to the playbook instead. - Create your playbook. To simplify this you can copy and modify an example in
/usr/share/doc/ovirt-ansible-roles/examples
.# cat rhv_infra.yml --- - name: RHV infrastructure hosts: localhost connection: local gather_facts: false vars_files: # Contains variables to connect to the Manager - engine_vars.yml # Contains encrypted `engine_password` variable using ansible-vault - passwords.yml pre_tasks: - name: Login to RHV ovirt_auth: url: "{{ engine_url }}" username: "{{ engine_user }}" password: "{{ engine_password }}" ca_file: "{{ engine_cafile | default(omit) }}" insecure: "{{ engine_insecure | default(true) }}" tags: - always vars: data_center_name: mydatacenter data_center_description: mydatacenter data_center_local: false compatibility_version: 4.1 roles: - ovirt-datacenters post_tasks: - name: Logout from RHV ovirt_auth: state: absent ovirt_auth: "{{ ovirt_auth }}" tags: - always
- Run the playbook.
# ansible-playbook --ask-vault-pass rhv_infra.yml
You have successfully used the
ovirt-datacenters
Ansible role to create a data center named mydatacenter
.